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DETAILED ACTION 
EXAMINER'S AMENDMENT 

1 . Applicant has substantially clarified the claimed invention in the course of the in 
person interview on 11/12/2004. Based on the discussion the application has been 
amended as follows: 



Claim 9 : A method for preventing unauthorized alteration of content, comprising: 

a) computing a hashed value for each executable command in a script; 

b) encrypting the hashed value for each executable command in the script with a 
first pub li c e ncryption private key of a first asymmetric key pair , wh e r e in th e first public 
e ncryption pr i v a t e k e y us e s a first pr i vate key to oncrypt tho hashed va l uo for each 
e x e cutab l e command; 

c) appending to the script the encrypted hashed values for each executable 
command; 

d) prov i d i ng embedding a first public key corresponding to the first private key to 
an interface control, comprising a script ; and 

e) signing the interface control , wherein signing the interface control comprises 
encrypting the interface control using a second pub l ic e ncrypt i on private key of a 
second asymmetric key pair wh e r ei n th e s e cond publ i c e ncryption pr i v a t e k e y us e s a 
s e cond pub li c key, the signature for the interface control for hiding the first public key 
provided therein, wherein the signed interface control is used to invoke the script. 
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Claim 16 : A method for secure execution of content, comprising: 

a) verifying a pub l ic key cryptography signature associated with an interface 
control using a second public key from a second asymmetric key pair, the interface 
control comprising a script; 

b) computing a hashed value for each executable command in the script; 

c) decrypting an encrypted hashed value appended to the script for each 
executable command in the script using a first public key from a first asymmetric key 
pair to obtain a decrypted hashed value for each executable command in the script; 

d) comparing the computed hashed value for each executable command in the 
script with the corresponding decrypted hashed value for each executable command in 
the script; and 

e) executing the executable commands in the script if the computed hashed 
values for the executable commands in the script are the same as the corresponding 
decrypted hashed values appended to the script for the executable commands. 

Claim 23: An article of manufacture comprising a machine accessible medium 
providing a plurality of machine readable instructions, wherein the instructions, when 
executed by a processor, cause the processor to: 

a) compute a hashed value for each executable command in a script; 

b) encrypt the hashed value for each executable command in the script with a 
first pub li c e ncrypt i on private key of a first asymmetric key pai r wh e r ei n th e f i rst pub l ic 



Application/Control Number: 09/476,037 Page 4 

Art Unit: 2132 

e ncrypt i on pr i vat e k e y us e s a first pr i vate key to encrypt the hashed va l ue for each 
e x e cutab l e command to the scr i pt ; 

c) append to the script the encrypted hashed values for each executable 
command; 

d) prov i d e embed a first public key corresponding to the first private key to an 
interface control comprising a script : and 

e) sign the interface control, wherein instructions to sign the interface control 
comprise instructions to encrypt the interface control using a second pub l ic e ncryption 
private key of a second asymmetric key pain wh e r ei n th e s e cond pub li c e ncrypt i on 
pr i vat e k e y us o s a s e cond pub li c k e y, the signature for the interface control for hiding 
the first public key provided therein, wherein the signed interface control is used to 
invoke the script. 

Claim 24: An article of manufacture comprising a machine accessible medium 
providing a plurality of machine readable instructions, wherein the instructions, when 
executed by a processor, cause the processor to: 

a) verify a pub l ic k e y cryptography signature associated with an interface control 
using a second public key from a second asymmetric key pair compris i ng a scr i pt in 
response to activating the interface control , the interface control comprising a script : 

b) compute a hashed value for each executable command in the script; 
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c) decrypt an encrypted hashed value appended to the script for each executable 
command in the script using a first public key from a first asymmetric key pair to obtain 

a decrypted hashed value for each executable command in the script; 

d) compare the computed hashed value for each executable command in the 
script with the corresponding decrypted hashed value for each executable command in 
the script; and 

e) execute the executable commands in the script if the computed hashed values 
for the executable commands in the script are the same as the corresponding decrypted 
hashed values appended to the script for the executable commands. 

Claim 25 : An apparatus, comprising: 

a server computer, the server computer including a database to house and serve 
web pages and a server processor to: 

compute a hashed value for each executable command in a script on a web 

page; 

encrypt the hashed value for each executable command in the script with a first 
publ i c e ncrypt i on private key of a first asymmetric key pai r wh e r e in th e first pub li c 
e ncrypt i on pr i vat e k e y ut ili z e s a f i rst pr i vat e k e y to oncrypt tho hashed value for oach 
executab l e command i n the scr i pt ; 

append to the script the encrypted hashed values for each executable command; 

provid e embed a first public key corresponding to the first private key to an 
interface control comprising a script : and 
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sign the interface control, wherein to sign the interface control includes to encrypt 
the interface control using a second pub l ic e ncryption private key of a second 
asymmetric key pair wherein the s e cond pub li c e ncrypt i on pr i vat e k e y us e s a s e cond 
public k e y, the signature for the interface control for hiding the first public key provided 
therein, wherein the signed interface control is used to invoke the script. 

Claim 38: The method of claim 16, wherein prior to verifying a pub li c k o y cryptography 
signature associated with an interface control comprising a script, downloading a web 
page to enable a user to activate the interface control, wherein the interface control is 
contained in the web page. 

Claim 39 : The method of claim 16, wherein verifying a public k e y cryptography 
signature associated with an interface control comprising a script comprises: 

decrypting the pub l ic k e y cryptogr a phy signature associated with the interface 
control using a the second public key, wherein the pub l ic k e y cryptography signature 
hides a first public key; 

determining whether changes have occurred to either the interface control or the 
pub li c key cryptogr a phy signature associated with the interface control; and 

detecting the changes, if the changes have occurred. 



Allowable Subject Matter 

2. Claims 9, 13-17, 19 - 39 are allowed. 
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3. 



The following is an examiner's statement of reasons for allowance: 



3.a 



Referring to the independent claims 9, 16, 23, 24, 25 and 27, Atkinson 



disclosed a method for creating a secure script (see abstract). Atkinson teaches that 
the method comprises: 

computing a hashed value for at least one executable command in the 
script; (see FIG. 3 - a flow diagram representing a code certification or signing method 
for ensuring the authenticity and integrity of a computer program, code, or an 
executable file received over computer network, or any other computer network - col. 6, 
line 19-23). Atkinson shows a process block indicating that a cryptographic digest or 
"hash" (FIG. 4) of executable file is obtained or computed (col. 6, line 39-41). 
Atkinson, however, does not teach computing a hashed value for each 
executable command in the script Atkinson also does not teach the script being an 
interface control script. 

Referring to the instant claims, Atkinson shows that a process block indicates that a 
publisher signature (FIG. 4) is formed with cryptographic digest, (col 6, line 50-51). The 
public key is used (see Fig.3). Signing the control program, comprising the public key is 
shown in Fig.4. The instant claims, however, recite encrypting the hashed value for 
each executable command in the script with a private key . Therefore Atkinson teaches a 
different way of using an asymmetric key encryption schema. 

Atkinson teaches that the publisher signature is attached or appended to or 
incorporated to executable file (the last line of col. 6 continue to the first line of col. 7). 
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However, Atkinson does not teach appending the script to each executable command 
within the control. 

Atkinson does not teach or suggest embedding a first public key to the interface control 
comprising a script Atkinson also does not teach or suggest using two levels of 
encryption, wherein signing the interface control comprises encrypting the interface 
control using the second private key of a second asymmetric pair. 

Referring to claims 25 and 27, Atkinson does not teach signing the interface control 
with a second private key in order to hide the first public key embedded into the control 
script. 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 

Drawings 

4. The drawings filed on 12/31/1999 are acceptable subject to replacement of all 
figures drawn by hand. In order to avoid abandonment of this application, correction is 
required in reply to the Office action. The correction will not be held in abeyance. 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Grigory Gurshman whose telephone number is 
(571 )272-3803. The examiner can normally be reached on 9 AM-5:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (571)272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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